exploitDog

CVE-2015-1469

Опубликовано: 03 фев. 2015

Источник: nvd

CVSS2: 9

EPSS Низкий

Описание

time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930.

Ссылки

http://www.kb.cert.org/vuls/id/522460
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/522460
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:servision:hvg_video_gateway_firmware:*:*:*:*:*:*:*:*

Версия до 2.2.26a100 (включая)

cpe:2.3:h:servision:hvg400:*:*:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.00216

Низкий

9 Critical

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-xx3m-f593-wg64

github

больше 3 лет назад

time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930.

EPSS

Процентиль: 44%

0.00216

Низкий

9 Critical

CVSS2

Дефекты

CWE-264